Skip to content

Commit

Permalink
Script updating gh-pages from 70098d6. [ci skip]
Browse files Browse the repository at this point in the history
  • Loading branch information
ID Bot committed Jun 24, 2024
1 parent 7538fbd commit 003223b
Show file tree
Hide file tree
Showing 2 changed files with 62 additions and 20 deletions.
42 changes: 30 additions & 12 deletions draft-ietf-netmod-immutable-flag.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1549,7 +1549,7 @@ <h4 id="name-netconf-extensions-to-suppo">
<h4 id="name-restconf-extensions-to-supp">
<a href="#section-4.2.2" class="section-number selfRef">4.2.2. </a><a href="#name-restconf-extensions-to-supp" class="section-name selfRef">RESTCONF Extensions to Support "with-immutable"</a>
</h4>
<p id="section-4.2.2-1">This document extends sections 4.8 and 9.1.1 of <span>[<a href="#RFC8040" class="cite xref">RFC8040</a>]</span> to add query
<p id="section-4.2.2-1">This document extends Sections <a href="https://rfc-editor.org/rfc/rfc8040#section-4.8" class="relref">4.8</a> and <a href="https://rfc-editor.org/rfc/rfc8040#section-9.1.1" class="relref">9.1.1</a> of <span>[<a href="#RFC8040" class="cite xref">RFC8040</a>]</span> to add query
parameter named "with-immutable" to the GET operation. If present, this parameter
requests that the server includes the "immutable" metadata annotations in its
response. This parameter is only allowed with no values carried. If it has
Expand Down Expand Up @@ -1863,21 +1863,27 @@ <h2 id="name-yang-module">
<h2 id="name-security-considerations">
<a href="#section-10" class="section-number selfRef">10. </a><a href="#name-security-considerations" class="section-name selfRef">Security Considerations</a>
</h2>
<p id="section-10-1">The YANG module specified in this document defines a metadata annotation,
it also extends the base operations of the NETCONF protocol in <span>[<a href="#RFC6241" class="cite xref">RFC6241</a>]</span>
and <span>[<a href="#RFC8526" class="cite xref">RFC8526</a>]</span>.<a href="#section-10-1" class="pilcrow"></a></p>
<p id="section-10-2">The Network Configuration Access Control Model (NACM) <span>[<a href="#RFC8341" class="cite xref">RFC8341</a>]</span>
<p id="section-10-1">This section uses the template described in <span><a href="https://datatracker.ietf.org/doc/html/draft-ietf-netmod-rfc8407bis-12#section-3.7" class="relref">Section 3.7</a> of [<a href="#I-D.ietf-netmod-rfc8407bis" class="cite xref">I-D.ietf-netmod-rfc8407bis</a>]</span>.<a href="#section-10-1" class="pilcrow"></a></p>
<p id="section-10-2">The "ietf-immutable" YANG module specified in this document defines a schema
for data that is designed to be accessed via network management protocols such
as NETCONF <span>[<a href="#RFC6241" class="cite xref">RFC6241</a>]</span> or RESTCONF <span>[<a href="#RFC8040" class="cite xref">RFC8040</a>]</span>. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) <span>[<a href="#RFC6242" class="cite xref">RFC6242</a>]</span>. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS
<span>[<a href="#RFC8446" class="cite xref">RFC8446</a>]</span>.<a href="#section-10-2" class="pilcrow"></a></p>
<p id="section-10-3">The Network Configuration Access Control Model (NACM) <span>[<a href="#RFC8341" class="cite xref">RFC8341</a>]</span>
provides the means to restrict access for particular NETCONF or
RESTCONF users to a preconfigured subset of all available NETCONF or
RESTCONF protocol operations and content. Since immutable flag is tied
to applied configuration values, it is only accessible to clients that
have the permissions to read the applied configuration values.<a href="#section-10-2" class="pilcrow"></a></p>
<p id="section-10-3">The security considerations for the Defining and Using Metadata with
RESTCONF protocol operations and content.<a href="#section-10-3" class="pilcrow"></a></p>
<p id="section-10-4">The YANG module specified in this document defines a metadata annotation,
it also extends the RPC operations of the NETCONF protocol in <span>[<a href="#RFC6241" class="cite xref">RFC6241</a>]</span>
and <span>[<a href="#RFC8526" class="cite xref">RFC8526</a>]</span>.<a href="#section-10-4" class="pilcrow"></a></p>
<p id="section-10-5">The security considerations for the Defining and Using Metadata with
YANG (see <span><a href="https://rfc-editor.org/rfc/rfc7952#section-9" class="relref">Section 9</a> of [<a href="#RFC7952" class="cite xref">RFC7952</a>]</span>) apply to the metadata annotation
defined in this document.<a href="#section-10-3" class="pilcrow"></a></p>
<p id="section-10-4">The security considerations for the NETCONF protocol operations (see
defined in this document.<a href="#section-10-5" class="pilcrow"></a></p>
<p id="section-10-6">The security considerations for the NETCONF protocol operations (see
<span><a href="https://rfc-editor.org/rfc/rfc6241#section-9" class="relref">Section 9</a> of [<a href="#RFC6241" class="cite xref">RFC6241</a>]</span> and <span><a href="https://rfc-editor.org/rfc/rfc8526#section-6" class="relref">Section 6</a> of [<a href="#RFC8526" class="cite xref">RFC8526</a>]</span>) still apply to
the operations extended in this document.<a href="#section-10-4" class="pilcrow"></a></p>
the operations extended in this document.<a href="#section-10-6" class="pilcrow"></a></p>
</section>
</div>
<div id="iana-considerations">
Expand Down Expand Up @@ -1962,6 +1968,10 @@ <h3 id="name-normative-references">
<dd>
<span class="refAuthor">Enns, R., Ed.</span>, <span class="refAuthor">Bjorklund, M., Ed.</span>, <span class="refAuthor">Schoenwaelder, J., Ed.</span>, and <span class="refAuthor">A. Bierman, Ed.</span>, <span class="refTitle">"Network Configuration Protocol (NETCONF)"</span>, <span class="seriesInfo">RFC 6241</span>, <span class="seriesInfo">DOI 10.17487/RFC6241</span>, <time datetime="2011-06" class="refDate">June 2011</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc6241">https://www.rfc-editor.org/rfc/rfc6241</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="RFC6242">[RFC6242]</dt>
<dd>
<span class="refAuthor">Wasserman, M.</span>, <span class="refTitle">"Using the NETCONF Protocol over Secure Shell (SSH)"</span>, <span class="seriesInfo">RFC 6242</span>, <span class="seriesInfo">DOI 10.17487/RFC6242</span>, <time datetime="2011-06" class="refDate">June 2011</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc6242">https://www.rfc-editor.org/rfc/rfc6242</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="RFC7950">[RFC7950]</dt>
<dd>
<span class="refAuthor">Bjorklund, M., Ed.</span>, <span class="refTitle">"The YANG 1.1 Data Modeling Language"</span>, <span class="seriesInfo">RFC 7950</span>, <span class="seriesInfo">DOI 10.17487/RFC7950</span>, <time datetime="2016-08" class="refDate">August 2016</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc7950">https://www.rfc-editor.org/rfc/rfc7950</a>&gt;</span>. </dd>
Expand All @@ -1982,6 +1992,10 @@ <h3 id="name-normative-references">
<dd>
<span class="refAuthor">Bierman, A.</span> and <span class="refAuthor">M. Bjorklund</span>, <span class="refTitle">"Network Configuration Access Control Model"</span>, <span class="seriesInfo">STD 91</span>, <span class="seriesInfo">RFC 8341</span>, <span class="seriesInfo">DOI 10.17487/RFC8341</span>, <time datetime="2018-03" class="refDate">March 2018</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8341">https://www.rfc-editor.org/rfc/rfc8341</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="RFC8446">[RFC8446]</dt>
<dd>
<span class="refAuthor">Rescorla, E.</span>, <span class="refTitle">"The Transport Layer Security (TLS) Protocol Version 1.3"</span>, <span class="seriesInfo">RFC 8446</span>, <span class="seriesInfo">DOI 10.17487/RFC8446</span>, <time datetime="2018-08" class="refDate">August 2018</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8446">https://www.rfc-editor.org/rfc/rfc8446</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="RFC8526">[RFC8526]</dt>
<dd>
<span class="refAuthor">Bjorklund, M.</span>, <span class="refAuthor">Schoenwaelder, J.</span>, <span class="refAuthor">Shafer, P.</span>, <span class="refAuthor">Watsen, K.</span>, and <span class="refAuthor">R. Wilton</span>, <span class="refTitle">"NETCONF Extensions to Support the Network Management Datastore Architecture"</span>, <span class="seriesInfo">RFC 8526</span>, <span class="seriesInfo">DOI 10.17487/RFC8526</span>, <time datetime="2019-03" class="refDate">March 2019</time>, <span>&lt;<a href="https://www.rfc-editor.org/rfc/rfc8526">https://www.rfc-editor.org/rfc/rfc8526</a>&gt;</span>. </dd>
Expand All @@ -1995,6 +2009,10 @@ <h3 id="name-informative-references">
<a href="#section-12.2" class="section-number selfRef">12.2. </a><a href="#name-informative-references" class="section-name selfRef">Informative References</a>
</h3>
<dl class="references">
<dt id="I-D.ietf-netmod-rfc8407bis">[I-D.ietf-netmod-rfc8407bis]</dt>
<dd>
<span class="refAuthor">Bierman, A.</span>, <span class="refAuthor">Boucadair, M.</span>, and <span class="refAuthor">Q. Wu</span>, <span class="refTitle">"Guidelines for Authors and Reviewers of Documents Containing YANG Data Models"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-ietf-netmod-rfc8407bis-12</span>, <time datetime="2024-06-21" class="refDate">21 June 2024</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-ietf-netmod-rfc8407bis-12">https://datatracker.ietf.org/doc/html/draft-ietf-netmod-rfc8407bis-12</a>&gt;</span>. </dd>
<dd class="break"></dd>
<dt id="I-D.ietf-netmod-system-config">[I-D.ietf-netmod-system-config]</dt>
<dd>
<span class="refAuthor">Ma, Q.</span>, <span class="refAuthor">Wu, Q.</span>, and <span class="refAuthor">C. Feng</span>, <span class="refTitle">"System-defined Configuration"</span>, <span class="refContent">Work in Progress</span>, <span class="seriesInfo">Internet-Draft, draft-ietf-netmod-system-config-08</span>, <time datetime="2024-06-18" class="refDate">18 June 2024</time>, <span>&lt;<a href="https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-08">https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-08</a>&gt;</span>. </dd>
Expand Down
40 changes: 32 additions & 8 deletions draft-ietf-netmod-immutable-flag.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -314,7 +314,7 @@ Table of Contents

4.2.2. RESTCONF Extensions to Support "with-immutable"

This document extends sections 4.8 and 9.1.1 of [RFC8040] to add
This document extends Sections 4.8 and 9.1.1 of [RFC8040] to add
query parameter named "with-immutable" to the GET operation. If
present, this parameter requests that the server includes the
"immutable" metadata annotations in its response. This parameter is
Expand Down Expand Up @@ -586,17 +586,25 @@ Table of Contents

10. Security Considerations

The YANG module specified in this document defines a metadata
annotation, it also extends the base operations of the NETCONF
protocol in [RFC6241] and [RFC8526].
This section uses the template described in Section 3.7 of
[I-D.ietf-netmod-rfc8407bis].

The "ietf-immutable" YANG module specified in this document defines a
schema for data that is designed to be accessed via network
management protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040].
The lowest NETCONF layer is the secure transport layer, and the
mandatory-to-implement secure transport is Secure Shell (SSH)
[RFC6242]. The lowest RESTCONF layer is HTTPS, and the mandatory-to-
implement secure transport is TLS [RFC8446].

The Network Configuration Access Control Model (NACM) [RFC8341]
provides the means to restrict access for particular NETCONF or
RESTCONF users to a preconfigured subset of all available NETCONF or
RESTCONF protocol operations and content. Since immutable flag is
tied to applied configuration values, it is only accessible to
clients that have the permissions to read the applied configuration
values.
RESTCONF protocol operations and content.

The YANG module specified in this document defines a metadata
annotation, it also extends the RPC operations of the NETCONF
protocol in [RFC6241] and [RFC8526].

The security considerations for the Defining and Using Metadata with
YANG (see Section 9 of [RFC7952]) apply to the metadata annotation
Expand Down Expand Up @@ -659,6 +667,10 @@ Table of Contents
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/rfc/rfc6241>.

[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/rfc/rfc6242>.

[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/rfc/rfc7950>.
Expand All @@ -680,6 +692,10 @@ Table of Contents
DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/rfc/rfc8341>.

[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/rfc/rfc8446>.

[RFC8526] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "NETCONF Extensions to Support the Network
Management Datastore Architecture", RFC 8526,
Expand All @@ -688,6 +704,14 @@ Table of Contents

12.2. Informative References

[I-D.ietf-netmod-rfc8407bis]
Bierman, A., Boucadair, M., and Q. Wu, "Guidelines for
Authors and Reviewers of Documents Containing YANG Data
Models", Work in Progress, Internet-Draft, draft-ietf-
netmod-rfc8407bis-12, 21 June 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-netmod-
rfc8407bis-12>.

[I-D.ietf-netmod-system-config]
Ma, Q., Wu, Q., and C. Feng, "System-defined
Configuration", Work in Progress, Internet-Draft, draft-
Expand Down

0 comments on commit 003223b

Please sign in to comment.